Home Explore Help
Register Sign In
fr33domlover
/
Rel4tion-Wiki
mirror of git://seek-together.space/wiki.git
Watch 1
Star 0
Fork 0
Files Issues 0 Wiki
Branch: master
Branches Tags
Rel4tion-Wiki
/
news
/
SSL_Support.mdwn

SSL_Support.mdwn 2.1 KB
Permalink History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546 
  1. [[!tag /news]]
    2. 

  2. 

  3. # Story
    4. 

  4. 

  5. Since I launched this website several months ago, Partager and all its servers
    6. 

  6. were not using SSL. I initially intended to be only inside I2P, and I2P does its
    7. 

  7. own encryption and some sort of authentication, which makes SSL unnecessary.
    8. 

  8. However, later I decided to open the servers to clearnet access and that meant
    9. 

  9. plain connections with potentially sensitive information passing unencrypted.
    10. 

  10. 

  11. At some point I configured ikiwiki to requires SSL for cookies, in order to
    12. 

  12. avoid this privacy problem. That meant no web logins at all, of course.
    13. 

  13. 

  14. It took me a while to get SSL to work. Not because it's complicated, but because
    15. 

  15. 

  16. 1. I was busy with other things and make small slow steps
    17. 

  17. 2. I was documenting my progress and writing a guide in parallel
    18. 

  18. 

  19. Since writing guides is not immediately useful, they get low priority and not
    20. 

  20. writing them while the information is fresh in memory is a big risk. Once I
    21. 

  21. forget and focus on other things, it's very difficult for me to write a full
    22. 

  22. guide because I don't really have any experience or knowledge other than this
    23. 

  23. one-time installation process I do with each new server.
    24. 

  24. 

  25. Solution: Write the guide in parallel to doing the process itself.
    26. 

  26. 

  27. # How to Use
    28. 

  28. 

  29. I wrote a guide for users of this website and other Partager servers (this
    30. 

  30. includes anyone browsing here who wants to browse with HTTPS), which explains
    31. 

  31. how to tell your computer to trust Partager's CA certificate (I created a new
    32. 

  32. independent CA, not relying on any centralized CA organization).
    33. 

  33. 

  34. The guide is [[here|projects/systems/servers/security/certificates]]. There's also
    35. 

  35. a more general-purpose guide with a bit more background info but less
    36. 

  36. Partager-specific details [[here|projects/systems/user-guides/ssl]].
    37. 

  37. 

  38. Also, there's a general SSL info page [[here|/ssl]].
    39. 

  39. 

  40. # How to Make My Server Support SSL Too?
    41. 

  41. 

  42. I prepared an [[admin guide|projects/systems/admin-guides/ssl]] for the server
    43. 

  43. admin, and a [[user guide|projects/systems/user-guides/ssl]] the admin can user in
    44. 

  44. order to understand the client side and prepare the files, instructions etc. You
    45. 

  45. can also use the Partager-specific guide linked above as a template.
    46. 

  46.